package com.group5.onlinegame.util;

import com.group5.onlinegame.entity.LoginUser;
import com.group5.onlinegame.service.ILoginService;
import com.group5.onlinegame.service.IPowerService;
import com.group5.onlinegame.service.LoginService;
import com.group5.onlinegame.service.PowerService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import javax.annotation.Resource;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

public class MyAuthRealm extends AuthorizingRealm {

    @Resource
    private ILoginService loginService;

    @Resource
    private IPowerService powerService;
    /**
     * 为当前登录的用户授予角色和权限
     */
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String) principals.getPrimaryPrincipal();
        System.out.println("获取角色和权限:" + username);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        Set<String> roles = powerService.getUserRole(username);
//        Set<String> roles = new HashSet<String>();
//        roles.add("admin");
//        roles.add("admin1");
//        roles.add("admin2");
//        roles.add("admin3");
//        roles.add("admin4");
//        Set<String> perms = new HashSet<String>();
//        perms.add("add");
//        perms.add("del");
//        perms.add("update");
        authorizationInfo.setRoles(roles);
//        authorizationInfo.setStringPermissions(perms);
        /**
         * 根据当前用户去数据库中查询角色及权限数据，
         * 把这些数据赋值到authorizationInfo中
         *  authorizationInfo.setRoles(roles);
         *  authorizationInfo.setStringPermissions(perms);
         */
        //调用service方法查询用户的角色和权限
            /* Connection con=null;
            try{
                con=dbUtil.getCon();
                authorizationInfo.setRoles(userDao.getRoles(con,userName));
                authorizationInfo.setStringPermissions(userDao.getPermissions(con,userName));
            }catch(Exception e){
                e.printStackTrace();
            }finally{
                try {
                    dbUtil.closeCon(con);
                } catch (Exception e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }
            }*/
        return authorizationInfo;
    }

    /**
     * 验证当前登录的用户
     */
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String username = (String) token.getPrincipal();
        String password = new String((char[]) token.getCredentials());
        AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, password, "xx");
        System.out.println("执行登录验证：" + username + "," + password);
        LoginUser loginUser = new LoginUser();
        loginUser.setUsername(username);
        loginUser.setPassword(password);
        loginUser = loginService.getLoginUser(loginUser);
        if (loginUser != null) {
            return authcInfo;
        }
        return null;
    }
}
